%define name mandi %define version 0.7.5 %define release 1mdk Summary: Monitoring daemon bridge Name: %{name} Version: %{version} Release: %{release} Source0: %{name}-%{version}.tar.bz2 License: GPL Group: Networking/Other Url: http://cvs.mandriva.com/cgi-bin/cvsweb.cgi/soft/mandi/ BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-buildroot BuildRequires: dbus-devel Requires(post): rpm-helper Requires: dbus %description Mandi is a monitoring daemon which acts as a bridge from root monitoring libraries to user applications, using D-Bus. Its plugin system allows to monitor different kind of events. A built-in plugin forwards wireless scan results from wpa_supplicant to user applications. %package ifw Summary: Firewall rules for Interactive Firewall Group: Networking/Other Requires(post): shorewall Requires: mandi = %{version} Requires: ipset %description ifw This package contains the iptables rules used to forward intrusion detections to the mandi daemon. It is a component of Interactive Firewall. %prep %setup -q %build %make %install rm -rf $RPM_BUILD_ROOT install -D -m755 src/%{name} $RPM_BUILD_ROOT%{_sbindir}/%{name} install -D -m644 conf/%{name}.conf $RPM_BUILD_ROOT%{_sysconfdir}/dbus-1/system.d/%{name}.conf install -D -m755 scripts/%{name}.init %buildroot%{_initrddir}/%{name} install -d -m755 %buildroot%{_sysconfdir}/ifw/rules.d/ install -m644 rules.d/* %buildroot%{_sysconfdir}/ifw/rules.d/ install -m644 scripts/{start,stop} $RPM_BUILD_ROOT%{_sysconfdir}/ifw %clean rm -rf $RPM_BUILD_ROOT %post %_post_service mandi %preun %_preun_service mandi %triggerpostun ifw -- mandi-ifw < 0.7.2-2mdk STARTFILE=%{_sysconfdir}/shorewall/start if [ -f $STARTFILE ]; then grep -v -E "^INCLUDE ifw$" $STARTFILE > $STARTFILE.new mv -f $STARTFILE.new $STARTFILE fi %files %defattr(-,root,root) %{_sbindir}/%{name} %config %{_sysconfdir}/dbus-1/system.d/%{name}.conf %{_initrddir}/mandi %files ifw %dir %{_sysconfdir}/ifw/ %{_sysconfdir}/ifw/start %{_sysconfdir}/ifw/stop %{_sysconfdir}/ifw/rules.d/* %changelog * Thu Oct 27 2005 Olivier Blin 0.7.5-1mdk - 0.7.5: switch to dbus 0.50 * Fri Sep 23 2005 Olivier Blin 0.7.4-1mdk - 0.7.4: o fix saving whitelist o don't skip reports when a another attack is being reported * Thu Sep 8 2005 Olivier Blin 0.7.3-1mdk - 0.7.3: o fix stop script to remove all entries in the Ifw rule o fix D-Bus message order for blacklist notification * Sun Sep 4 2005 Olivier Blin 0.7.2-2mdk - remove "INCLUDE ifw" in shorewall start file on upgrade * Thu Sep 1 2005 Olivier Blin 0.7.2-1mdk - mandi: save white list right after adding/modifying entries * Thu Sep 1 2005 Olivier Blin 0.7.1-1mdk - 0.7.1: o add start/stop scripts o add rules.d directorty, with a sample psd rule o shorewall isn't required by the package anymore o remove shorewall workarounds, it'is better done by drakfirewall now o notify attacks even if attacker is already present in log o don't create ipsets in the daemon * Thu Aug 25 2005 Olivier Blin 0.7-2mdk - use clean tarball (fix build on 64 bits, thanks couriousous) * Wed Aug 24 2005 Olivier Blin 0.7-1mdk - 0.7, IFW plugin improvements: o keep logs and allow to clear them o allow applications to notify themselves when the user has checked reports or asked to manage the lists o send notifications in automatic mode too * Mon Aug 22 2005 Olivier Blin 0.6-4mdk - do not match for ESTABLISHED,RELATED connections (Samir), this should avoid DNS blacklist * Mon Aug 22 2005 Olivier Blin 0.6-3mdk - remove ifw inclusion in shorewall on full removal only * Sat Aug 20 2005 Olivier Blin 0.6-2mdk - really fix dbus permissions * Fri Aug 19 2005 Olivier Blin 0.6-1mdk - 0.6 o create ipsets in shorewall start script o start mandi service after messagebus o allow console users to use Interactive Firewall * Thu Aug 18 2005 Olivier Blin 0.5-1mdk - 0.5 o use an Ifw chain in shorewall/iptables o handle blacklist and whitelist in the Ifw chain * Thu Aug 18 2005 Olivier Blin 0.4-1mdk - 0.4 (ignore notifications from the loopback interface) - start mandi daemon as a service - add a mandi-ifw subpackage to insert Interactive Firewall in shorewall start rules - use psd to detect port scans * Thu Aug 11 2005 Olivier Blin 0.3-1mdk - 0.3, Interactive Firewall improvements: o really support ipset (using iptrees) o use correct byte order to add IP addresses in iptrees o send only one attack report per IP address o fix description (thanks to Mathieu Geli) * Fri Jul 29 2005 Olivier Blin 0.2-1mdk - 0.2 (small bugfix) - Requires ipset * Thu Jul 28 2005 Olivier Blin 0.1-1mdk - allow to select a wireless network - enable fake Active Firewall mode * Fri Jul 15 2005 Olivier Blin 0.1-0.1mdk - initial release